IAM Armor: Static analyzer for AWS IAM policies in Terraform

.iamarmor.yml Reference

Complete reference for IAM Armor CLI configuration.

Place this file in the root of your repository.

Full schema

version: 1
severity_threshold: low
fail_on: high
rules:
  ignore: [IAM004]
  overrides:
    IAM002:
      severity: critical
paths:
  exclude:
    - "modules/legacy/**"

version

Required. Current value: 1.

severity_threshold

Lowest severity to include in output. Default: info.

fail_on

Exit with code 1 when findings at or above this severity are present. Default: medium.

rules.ignore

List of rule IDs to skip.

rules.overrides

Per-rule severity overrides, keyed by rule ID.

paths.exclude

Glob patterns for paths to skip.
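
The following is an added example, not IAM Armor's own code: a small Python model of how the keys above could combine into reported findings and an exit code, useful for reviewing what a given `.iamarmor.yml` suppresses. It assumes the severity order info < low < medium < high < critical, that overrides apply before the threshold and `fail_on` comparisons, that only reported findings affect the exit code, and that `fnmatchcase` approximates the tool's glob matching; the findings and the `PLACEHOLDER-INFO` rule ID are constructed.

```python
from fnmatch import fnmatchcase

# Assumed ordering of the severity names that appear in this reference.
SEVERITIES = ["info", "low", "medium", "high", "critical"]

# The "Full schema" sample from this page, written as a dict.
CONFIG = {
    "version": 1, "severity_threshold": "low", "fail_on": "high",
    "rules": {"ignore": ["IAM004"],
              "overrides": {"IAM002": {"severity": "critical"}}},
    "paths": {"exclude": ["modules/legacy/**"]},
}

# Constructed findings: (rule_id, native severity, file). The native
# severities and the PLACEHOLDER-INFO rule ID are made up for illustration.
FINDINGS = [
    ("IAM002", "medium", "envs/prod/iam.tf"),
    ("IAM002", "medium", "modules/legacy/old/iam.tf"),
    ("IAM004", "high", "envs/prod/iam.tf"),
    ("PLACEHOLDER-INFO", "info", "envs/dev/iam.tf"),
]

def rank(severity):
    return SEVERITIES.index(severity)

def evaluate(config, findings):
    """Return (reported, suppressed, exit_code) under the stated assumptions."""
    rules = config.get("rules", {})
    ignore = set(rules.get("ignore", []))
    overrides = rules.get("overrides", {})
    exclude = config.get("paths", {}).get("exclude", [])
    threshold = rank(config.get("severity_threshold", "info"))  # documented default
    fail_on = rank(config.get("fail_on", "medium"))             # documented default
    reported, suppressed = [], []
    for rule, sev, path in findings:
        if rule in ignore:
            suppressed.append((rule, path, "rules.ignore"))
            continue
        if any(fnmatchcase(path, glob) for glob in exclude):
            suppressed.append((rule, path, "paths.exclude"))
            continue
        # Assumption: the override replaces the severity before any comparison.
        sev = overrides.get(rule, {}).get("severity", sev)
        if rank(sev) >= threshold:
            reported.append((rule, sev, path))
    # Assumption: only reported findings can trigger a non-zero exit.
    exit_code = 1 if any(rank(s) >= fail_on for _, s, _ in reported) else 0
    return reported, suppressed, exit_code
```

The `suppressed` list is the part worth reviewing in a pull request: every entry is a finding that `rules.ignore` or `paths.exclude` keeps out of the output entirely.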